NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-46723

Summary	The additional_tables configuration of the page and tt_content indexers accepts arbitrary table and field names. A backend user with permission to edit indexer configurations can copy sensitive data from internal TYPO3 tables into the search index.
Publication Date	May 19, 2026, 7:16 p.m.
Registration Date	May 20, 2026, 4:12 a.m.
Last Update	May 19, 2026, 11:47 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://typo3.org/security/advisory/typo3-ext-sa-2026-011	f4fb688c-4412-4426-b4b8-421ecf27b14a

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-668	誤った領域へのリソースの漏えい	https://cwe.mitre.org/data/definitions/668.html